NYU.edu requires JavaScript be enabled in your browser in order to use important features of the site. JavaScript is either disabled or not supported by your browser. For instructions on how to enable JavaScript in your browser, click here.

Sub Navigation

POLICY

Policy on Personal Identification Numbers

New York University collects, maintains, and uses confidential personally identifiable information relating to its students, faculty, and other workforce members, and other individuals associated with the University. The ability to identify an individual and to associate information with an individual is vitally important to both the University and the person. The University has an obligation to ensure privacy and proper handling of personal identification numbers and to protect them against inappropriate access and use.

POLICY STATEMENT

Members of the University community shall employ reasonable and appropriate administrative, technical, and physical safeguards to protect the integrity, confidentiality, and security of the personal identification numbers (SSNs, UIDs, and NetIDs) they handle, store, and/or transmit or to which they otherwise have been given or have gained access.

In adopting this policy, the University is guided by the following objectives:

1. To ensure that the necessary awareness and procedures exist so that all members of the University community comply with both the letter and the spirit of the federal and state privacy legislation;
2. To inculcate broad awareness of the confidential nature of the SSN;
3. To reduce reliance for identification purposes on the SSN in favor of the UID;
4. To establish a consistent policy towards and treatment of SSNs throughout the University;
5. To ensure that access to SSNs for the purpose of conducting University business is granted only to the extent necessary;
6. To enhance and preserve individual privacy for members of the University community through the confidential handling of personal identification numbers;
7. To use, throughout the University, a unique UID that serves as the primary identification element for persons associated with NYU and be applicable across the entire NYU enterprise; and
8. To ensure that each member of the University community takes full responsibility for any activity done under that individual’s NetID.

The following campus officials are responsible for SSN and UID oversight in their respective areas of University operations. That responsibility extends to promoting awareness of this Policy and establishing procedures for protecting these data. Activities of these officials are aligned and integrated through a coordinating task force.

1. Alumni: Senior Vice President for Development and Alumni Relations
2. Students: University Registrar
3. Prospective students and applicants: Associate Provost for Admissions and Financial Aid
4. Faculty, Visiting Scholars, and researchers: Vice Provost for Faculty Affairs
5. Employees and prospective employees: Vice President for Human Resources
6. All other affiliated individuals: Vice President for Public Safety
The Office of the Associate Provost/Chief Information Technology Officer is responsible for overseeing use of the NetID in University operations.

About This Policy

New York University collects, maintains, and uses confidential personally identifiable information relating to its students, faculty, and other workforce members, and other individuals associated with the University. The ability to identify an individual and to associate information with an individual is vitally important to both the University and the person. The University has an obligation to ensure privacy and proper handling of personal identification numbers and to protect them against inappropriate access and use.

This policy applies to all members of the University community and covers the use, display, storage, retention, and disposal of personal identification numbers in print or electronic form. Personal identification numbers are Social Security Numbers (SSNs), New York University identification numbers (UIDs), and NetIDs. Members of the University community include full- and part-time employees (such as staff and administrators), faculty, and students, and other individuals (such as contractors, consultants, alumni, and affiliates) associated with the University.

Data Trustees: Data Trustees (see the University Data Management Policy at http://www.nyu.edu/its/policies/datamgmt.html), section C.1) are senior University officials (typically at the level of Vice President or higher) who have planning and policy-making responsibilities for University data and the University Data Warehouse. The Data Trustees, as a group, are responsible for overseeing the establishment of data management policies and procedures and for the assignment of data management accountability.

Minimum Necessary: Minimum Necessary is the standard that defines that the least information and fewest people should be involved to satisfactorily perform a particular function.

Personally Identifiable Information (PII): Information which can be used to distinguish or trace an individual's identity, such as their name, Social Security number, or biometric records, alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother's maiden name, etc.

Personal Identifier (PID): A PID, a sub-category of PII, is a unique code assigned to or utilized by an individual to identify that individual. PIDs are used primarily, but not exclusively, for the purpose of electronic operations. University Identification Numbers (UIDs) and NetIDs are examples of PIDs.